Federal financial regulators have warned banks against hackers who are using new technological tactics that allow thieves to make almost unlimited withdrawals from ATMs.
The Federal Financial Institutions Examination Council released an alert this week on the wave of cybercrime, the Los Angeles Times reported.
Some hackers have found ways to schedule huge withdrawals around weekends and holiday seasons, when ATM officials put extra cash into the machines and banks become even busier.
The scam is called Unlimited Operations, according to Secret Service officials who spoke with the Times on Thursday.
"A recent Unlimited Operations attack netted over $40 million in fraud using only 12 debit card accounts," the Council wrote in its statement.
Unlimited reportedly sidesteps limits placed on ATM withdrawals, allowing thieves to take out more than accountholders have in their checking and savings.
Regulators reported seeing scams that frequently started as spam mail attacks - official-looking emails sent to bank officials that release malware into the institution's system.
Using the malicious software, thieves then manage to grab employee login information, gain access to the institution's interface, and find out how to use ATM control panels, which are often online-based. Then, the hackers raise the amount of money consumers can take out of the ATM.
"The cash-out phase of the attack involves criminals organizing simultaneous withdrawals of large amounts of cash from multiple ATMs over a short time period, usually four hours to two days," the statement read.
Officials suggest consumers try not to use debit or ATM cards, since they are directly linked to the owner's bank accounts, and instead, pull out the credit plastic, whose funds don't get taken straight from the bank.
"Another great reason to ditch debit cards and use only credit cards," director of the Privacy Rights Clearinghouse in San Diego Beth Givens told the Times.
© 2025 HNGN, All rights reserved. Do not reproduce without permission.
